A Cloud-Native Security Monitoring and Protection for Modern Applications
Documentation | Quick Start | Blog | Chat with us on Slack!
SecureNative performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
go get github.com/securenative/securenative-goTo get your API KEY, login to your SecureNative account and go to project settings page:
SecureNative can automatically load your config from securenative.yml file or from the file that is specified in your SECURENATIVE_CONFIG_FILE env variable:
package main
import (
"github.com/securenative/securenative-go/sdk"
"log"
)
func main() {
sn, err := sdk.InitSDK(sdk.WithConfigFile("path/to/securenative.yml"))
if err != nil || sn == nil {
log.Fatal("Do some error handling")
}
defer sn.Stop()
}package main
import (
"github.com/securenative/securenative-go/sdk"
"log"
)
func main() {
sn, err := sdk.InitSDK(sdk.WithApiKey("YOUR_API_KEY"))
if err != nil {
log.Fatal("Do some error handling")
}
defer sn.Stop()
}package main
import (
"github.com/securenative/securenative-go/config"
"github.com/securenative/securenative-go/sdk"
"log"
)
func main() {
options := config.DefaultSecureNativeOptions()
options.ApiKey = "YOUR_API_KEY"
options.MaxEvents = 10
options.LogLevel = "ERROR"
sn, err := sdk.InitSDK(options)
if err != nil {
log.Fatal("Do some error handling")
}
defer sn.Stop()
}Once initialized, sdk will create a singleton instance which you can get:
package main
import (
"github.com/securenative/securenative-go/sdk"
"log"
)
func main() {
sn, err := sdk.GetInstance()
if err != nil {
log.Fatal("Do some error handling")
}
defer sn.Stop()
}Once the SDK has been initialized, tracking requests sent through the SDK instance. Make sure you build event with the EventBuilder:
package main
import (
"github.com/securenative/securenative-go/context"
"github.com/securenative/securenative-go/enums"
"github.com/securenative/securenative-go/events"
"github.com/securenative/securenative-go/models"
"github.com/securenative/securenative-go/sdk"
"log"
)
func main() {
sn, err := sdk.GetInstance()
if err != nil {
log.Fatal("Do some error handling")
}
c := &context.SecureNativeContext{
ClientToken: "SECURED_CLIENT_TOKEN",
Ip: "127.0.0.1",
Headers: map[string]string{"user-agent": "Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"},
}
eventOptions := models.EventOptions{
Event: enums.EventTypes.LogIn,
UserId: "1234",
UserTraits: models.UserTraits{Name:"Your Name", Email:"name@gmail.com", Phone: "+1234567890"},
Context: c,
Properties: map[string]interface{}{"prop1": "CUSTOM_PARAM_VALUE", "prop2": "true", "prop3": "3"},
}
defer sn.Stop()
sn.Track(eventOptions)
}You can also create request context from requests:
package demo
import (
"github.com/securenative/securenative-go/context"
"github.com/securenative/securenative-go/enums"
"github.com/securenative/securenative-go/events"
"github.com/securenative/securenative-go/models"
"github.com/securenative/securenative-go/sdk"
"log"
"net/http"
)
func Track(request *http.Request) {
sn, err := sdk.GetInstance()
if err != nil {
log.Fatal("Do some error handling")
}
c := context.FromHttpRequest(request)
eventOptions := models.EventOptions{
Event: enums.EventTypes.LogIn,
UserId: "1234",
Context: c,
}
defer sn.Stop()
sn.Track(eventOptions)
}Example
package main
import (
"github.com/securenative/securenative-go/context"
"github.com/securenative/securenative-go/enums"
"github.com/securenative/securenative-go/events"
"github.com/securenative/securenative-go/models"
"github.com/securenative/securenative-go/sdk"
"log"
)
func main() {
sn, err := sdk.GetInstance()
if err != nil {
log.Fatal("Do some error handling")
}
eventOptions := models.EventOptions{Event:enums.EventTypes.LogIn}
defer sn.Stop()
c := &context.SecureNativeContext{
ClientToken: "SECURED_CLIENT_TOKEN",
Ip: "127.0.0.1",
Headers: map[string]string{"user-agent": "Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"},
}
verifyResult := sn.Verify(eventOptions)
verifyResult.RiskLevel // Low, Medium, High
verifyResult.Score // Risk score: 0 - 1 (0 - Very Low, 1 - Very High)
verifyResult.Triggers // ["TOR", "New IP", "New City"]
}Apply our filter to verify the request is from us, for example:
package demo
import (
"github.com/securenative/securenative-go/sdk"
"log"
"net/http"
)
func VerifyWebHook(request *http.Request) bool {
sn, err := sdk.GetInstance()
if err != nil {
log.Fatal("Do some error handling")
}
defer sn.Stop()
return sn.VerifyRequestPayload(request)
}You can specify custom header keys to allow extraction of client ip from different providers. This example demonstrates the usage of proxy headers for ip extraction from Cloudflare.
SECURENATIVE_API_KEY: "YOUR_API_KEY"
SECURENATIVE_PROXY_HEADERS: ["CF-Connecting-IP"]Initialize sdk as shown above.
options := config.DefaultSecureNativeOptions()
options.ApiKey = "YOUR_API_KEY"
options.ProxyHeaders = []string{"CF-Connecting-IP"}
sn, err := sdk.InitSDK(options)
if err != nil {
log.Fatal("Do some error handling")
}By default, SecureNative SDK remove any known pii headers from the received request. We also support using custom pii headers and regex matching via configuration, for example:
SECURENATIVE_API_KEY: "YOUR_API_KEY"
SECURENATIVE_PII_HEADERS: ["apiKey"]Initialize sdk as shown above.
options := config.DefaultSecureNativeOptions()
options.ApiKey = "YOUR_API_KEY"
options.PiiRegexPattern = "((?i)(http_auth_)(\w+)?)"
sn, err := sdk.InitSDK(options)
if err != nil {
log.Fatal("Do some error handling")
}